Regulators Fine Capital One $80 Million for Data Breach

August 7, 2020
130 Views

Capital One Financial Corp. (NYSE: COF) has been hit with one of the harshest data breach fines in history. Regulators at the Treasury’s Office of the Comptroller of the Currency (OCC) fined the bank $80 million for its part in the leak of more than 100 million customer records last year.

Shares in Capital One fell on Thursday when the news was announced. The stock was down -1.73% at the closing bell.

One of the Largest Personal Data Breaches in History

In July 2019, Capital One announced that a hacker had gained access to 140,000 U.S. Social Security numbers, around one million Canadian Social Insurance numbers, and up to 80,000 bank account numbers. Millions of names, addresses, credit limits, credit scores, and account balances were also compromised in the leak.

The hacker was an ex-Amazon Web Services Employee, the same company that had hosted Capital One’s data. While the hacker was arrested and charged, regulators further investigated the bank, finding that it had failed to “establish effective risk assessment processes prior to migrating information technology operations to the public cloud environment.”

Regulators also criticized the bank for failing to respond promptly and correct the deficiencies.

The breach occurred in March of 2019, but the bank didn’t learn about it until July 19. Full details were then released to the public later that month.

Strict Conditions for the Bank Moving Forward

The $80 million fine is only one aspect of the penalties imposed on Capital One. Regulators have also demanded that the bank’s board of directors submit a plan to improve their security protocols and cyber defenses. The bank now has 90 days to comply. In addition, it must submit quarterly progress reports as it implements any new security initiatives.

Although not detailed, analysts assume that there could be further penalties for the bank if it fails to comply with the order, or if its efforts aren’t deemed appropriate or secure.

Fine to Be Paid Directly to the Treasury

The fine doesn’t include any compensation for customers who were affected by the data breach. It will go directly to the United States Treasury.

Capital One reported a net loss of $918 million after the second quarter. The fine and loss of brand confidence will add to its woes as it struggles to generate profits during the Coronavirus Pandemic.

You may be interested

Global Coronavirus Recovery Could Take Years According to World Bank
Economy
46 views
Economy
46 views

Global Coronavirus Recovery Could Take Years According to World Bank

Adam R - September 18, 2020

The global recession triggered by the Coronavirus Pandemic could lead to years of recovery. This is the warning given by…

Federal Reserve Maintains Interest Rate in Latest Policy Meeting
Economy
59 views
Economy
59 views

Federal Reserve Maintains Interest Rate in Latest Policy Meeting

Becky H - September 17, 2020

The United States Federal Reserve has kept its benchmark interest rate at zero percent after its policy meeting this week.…

Nvidia in Talks to Purchase Arm Holdings
Business
130 views
Business
130 views

Nvidia in Talks to Purchase Arm Holdings

Adam R - September 14, 2020

Nvidia Corp. (NASDAQ: NVDA) is reportedly in late-stage talks to purchase Arm Holdings, one of the most important semiconductor companies…